Opened 8 years ago

Closed 7 years ago

#8207 closed defect (fixed)

Hidden service authorization can never succeed

Reported by: nickm
Owned by:
Priority: High
Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor
Version: Tor: 0.2.4.1-alpha
Severity:
Keywords: tor-hs
Cc: andrea, sina
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

Have a look at the refactored rend_service_introduce() in 0.2.4.

We set auth_len to 0 at the start of the function. Nothing changes it later. But at the end of the function, we do:

  if (service->clients) {
    if (auth_len > 0) {
      if (rend_check_authorization(service, auth_data)) {
        log_info(LD_REND, "Authorization data in INTRODUCE2 cell are valid.");
      } else {
        log_info(LD_REND, "The authorization data that are contained in "
                 "the INTRODUCE2 cell are invalid. Dropping cell.");
        reason = END_CIRC_REASON_CONNECTFAILED;
        goto err;
      }
    } else {
      log_info(LD_REND, "INTRODUCE2 cell does not contain authentication "
               "data, but we require client authorization. Dropping cell.");
      reason = END_CIRC_REASON_CONNECTFAILED;
      goto err;
    }
  }

Since auth_len is always 0, we will always say that the introduce2 cell had no authorization data, and fail.

The commit 471ab340325 introduced this bug in 0.2.4.1-alpha.

Fortunately, this is a fail-closed bug: we are making all the auth fail, not succeed. Unfortunately, the fact that nobody has reported this would seem to indicate that nobody has tried using hidden service authentication with 0.2.4.x.

Spotted by Coverity; this is CID 718615. I've got a fix -- just a second.
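
The fail-closed pattern described in this ticket, as an added example that is neither Tor source nor the fix from the bug8207 branch: a simplified C model where one handler checks a length variable that stays 0 and the other takes the length from the parsed cell. All type and function names, the result codes and the 16-byte cookie length are assumptions made for illustration.

```c
/* Added illustration: simplified model, not Tor code. All names are hypothetical. */
#include <stdio.h>
#include <string.h>

#define COOKIE_LEN 16   /* assumed credential length */
enum { INTRO_OK = 0, INTRO_BAD_AUTH = -1, INTRO_NO_AUTH = -2 };

typedef struct {        /* stand-in for a parsed INTRODUCE2 cell */
  unsigned char auth_data[COOKIE_LEN];
  size_t auth_len;      /* 0 when the client sent no authorization data */
} intro_cell_t;
typedef struct { int requires_auth; unsigned char cookie[COOKIE_LEN]; } service_t;

/* Same decision shape as the ticket's snippet: no data, bad data, or accept. */
static int decide(const service_t *s, const unsigned char *data, size_t len) {
  unsigned char diff = 0;
  if (!s->requires_auth) return INTRO_OK;
  if (len == 0) return INTRO_NO_AUTH;
  if (len != COOKIE_LEN) return INTRO_BAD_AUTH;
  /* Compare every byte instead of stopping at the first mismatch. */
  for (size_t i = 0; i < COOKIE_LEN; i++) diff |= (unsigned char)(s->cookie[i] ^ data[i]);
  return diff == 0 ? INTRO_OK : INTRO_BAD_AUTH;
}

/* Pattern from the ticket: the local length is set to 0 and never updated. */
int introduce_stale_len(const service_t *s, const intro_cell_t *cell) {
  size_t auth_len = 0;
  return decide(s, cell->auth_data, auth_len);
}

/* Length read from the parsed cell, so the accept branch is reachable. */
int introduce_parsed_len(const service_t *s, const intro_cell_t *cell) {
  return decide(s, cell->auth_data, cell->auth_len);
}

/* Constructed sample input: one service that requires auth, one client cell. */
int run_case(int use_parsed_len, int send_auth, int correct) {
  service_t s = { 1, {0} };
  intro_cell_t c = { {0}, 0 };
  memset(s.cookie, 0xA5, COOKIE_LEN);
  if (send_auth) {
    memset(c.auth_data, correct ? 0xA5 : 0x5A, COOKIE_LEN);
    c.auth_len = COOKIE_LEN;
  }
  return use_parsed_len ? introduce_parsed_len(&s, &c) : introduce_stale_len(&s, &c);
}

int main(void) { return printf("stale=%d parsed=%d\n", run_case(0, 1, 1), run_case(1, 1, 1)) < 0; }
```

Tests that only check rejection of missing or wrong credentials pass for both variants; only a test asserting that a correct credential is accepted tells them apart.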

Change History (3)

comment:1 Changed 8 years ago by nickm

Status: new → needs_review

Likely fix in branch bug8207 in my public repository. Needs review!

comment:2 Changed 8 years ago by arma

Cc: sina added

comment:3 Changed 7 years ago by nickm

Resolution: fixed
Status: needs_review → closed

andrea likes it. Merging.
